2 The header file of CHAP configuration.
4 Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #define _ISCSI_CHAP_H_
12 #define ISCSI_AUTH_METHOD_CHAP "CHAP"
14 #define ISCSI_KEY_CHAP_ALGORITHM "CHAP_A"
15 #define ISCSI_KEY_CHAP_IDENTIFIER "CHAP_I"
16 #define ISCSI_KEY_CHAP_CHALLENGE "CHAP_C"
17 #define ISCSI_KEY_CHAP_NAME "CHAP_N"
18 #define ISCSI_KEY_CHAP_RESPONSE "CHAP_R"
20 #define ISCSI_CHAP_ALGORITHM_MD5 5
25 #define ISCSI_CHAP_RSP_LEN 16
27 #define ISCSI_CHAP_STEP_ONE 1
28 #define ISCSI_CHAP_STEP_TWO 2
29 #define ISCSI_CHAP_STEP_THREE 3
30 #define ISCSI_CHAP_STEP_FOUR 4
35 typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA
{
37 CHAR8 CHAPName
[ISCSI_CHAP_NAME_STORAGE
];
38 CHAR8 CHAPSecret
[ISCSI_CHAP_SECRET_STORAGE
];
39 CHAR8 ReverseCHAPName
[ISCSI_CHAP_NAME_STORAGE
];
40 CHAR8 ReverseCHAPSecret
[ISCSI_CHAP_SECRET_STORAGE
];
41 } ISCSI_CHAP_AUTH_CONFIG_NVDATA
;
46 /// ISCSI CHAP Authentication Data
48 typedef struct _ISCSI_CHAP_AUTH_DATA
{
49 ISCSI_CHAP_AUTH_CONFIG_NVDATA
*AuthConfig
;
51 UINT8 InChallenge
[1024];
52 UINT32 InChallengeLength
;
54 // Calculated CHAP Response (CHAP_R) value.
56 UINT8 CHAPResponse
[ISCSI_CHAP_RSP_LEN
];
59 // Auth-data to be sent out for mutual authentication.
61 // While the challenge size is technically independent of the hashing
62 // algorithm, it is good practice to avoid hashing *fewer bytes* than the
63 // digest size. In other words, it's good practice to feed *at least as many
64 // bytes* to the hashing algorithm as the hashing algorithm will output.
67 UINT8 OutChallenge
[ISCSI_CHAP_RSP_LEN
];
68 } ISCSI_CHAP_AUTH_DATA
;
71 This function checks the received iSCSI Login Response during the security
74 @param[in] Conn The iSCSI connection.
76 @retval EFI_SUCCESS The Login Response passed the CHAP validation.
77 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
78 @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.
79 @retval Others Other errors as indicated.
83 IScsiCHAPOnRspReceived (
84 IN ISCSI_CONNECTION
*Conn
87 This function fills the CHAP authentication information into the login PDU
88 during the security negotiation stage in the iSCSI connection login.
90 @param[in] Conn The iSCSI connection.
91 @param[in, out] Pdu The PDU to send out.
93 @retval EFI_SUCCESS All check passed and the phase-related CHAP
94 authentication info is filled into the iSCSI
96 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
97 @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.
102 IN ISCSI_CONNECTION
*Conn
,